[Debian-iot-maintainers] Bug#1001384: Bug#1001384: Acknowledgement (ulfius: Fix ulfius_url_{encode, decode} call malloc instad of o_malloc in stable)

Thu Dec 9 18:25:42 GMT 2021

See the debdiff attached for the package
-------------- next part --------------
diff -Nru ulfius-2.7.1/debian/changelog ulfius-2.7.1/debian/changelog

--- ulfius-2.7.1/debian/changelog	2021-09-19 15:39:39.000000000 -0400
+++ ulfius-2.7.1/debian/changelog	2021-12-09 08:06:15.000000000 -0500
@@ -1,3 +1,9 @@
+ulfius (2.7.1-1+deb11u2) bullseye; urgency=medium
+
+  * d/patches: Uses o_malloc instead of malloc (Closes: #1001384)
+
+ -- Nicolas Mora <babelouest at debian.org>  Thu, 09 Dec 2021 08:06:15 -0500
+
 ulfius (2.7.1-1+deb11u1) bullseye; urgency=medium
 
   * d/patches: Fix CVE-2021-40540 (Closes: #994763)
diff -Nru ulfius-2.7.1/debian/patches/malloc.patch ulfius-2.7.1/debian/patches/malloc.patch
--- ulfius-2.7.1/debian/patches/malloc.patch	1969-12-31 19:00:00.000000000 -0500
+++ ulfius-2.7.1/debian/patches/malloc.patch	2021-12-09 08:06:15.000000000 -0500
@@ -0,0 +1,34 @@
+Description: call malloc instead of o_malloc
+Author: Harald Welte <laforge at gnumonks.org>
+Forwarded: not-needed
+--- a/src/u_request.c
++++ b/src/u_request.c
+@@ -143,7 +143,7 @@
+  */
+ static char * url_decode(const char * str) {
+   if (str != NULL) {
+-    char * pstr = (char*)str, * buf = malloc(strlen(str) + 1), * pbuf = buf;
++    char * pstr = (char*)str, * buf = o_malloc(strlen(str) + 1), * pbuf = buf;
+     while (* pstr) {
+       if (* pstr == '%') {
+         if (pstr[1] && pstr[2]) {
+--- a/src/ulfius.c
++++ b/src/ulfius.c
+@@ -1796,7 +1796,7 @@
+ char * ulfius_url_encode(const char * str) {
+   char * pstr = (char*)str, * buf = NULL, * pbuf = NULL;
+   if (str != NULL) {
+-    buf = malloc(strlen(str) * 3 + 1);
++    buf = o_malloc(strlen(str) * 3 + 1);
+     if (buf != NULL) {
+       pbuf = buf;
+       while (* pstr) {
+@@ -1830,7 +1830,7 @@
+ char * ulfius_url_decode(const char * str) {
+   char * pstr = (char*)str, * buf = NULL, * pbuf = NULL;
+   if (str != NULL) {
+-    buf = malloc(strlen(str) + 1);
++    buf = o_malloc(strlen(str) + 1);
+     if (buf != NULL) {
+       pbuf = buf;
+       while (* pstr) {
diff -Nru ulfius-2.7.1/debian/patches/series ulfius-2.7.1/debian/patches/series
--- ulfius-2.7.1/debian/patches/series	2021-09-19 15:39:39.000000000 -0400
+++ ulfius-2.7.1/debian/patches/series	2021-12-09 08:06:15.000000000 -0500
@@ -1,3 +1,4 @@
+malloc.patch
 examples.patch
 doc.patch
 CVE-2021-40540.patch
